CVE-2021-28918

Description

Improper input validation of octal strings in netmask npm package v1.0.6 and below allows unauthenticated remote attackers to perform indeterminate SSRF, RFI, and LFI attacks on many of the dependent packages. A remote unauthenticated attacker can bypass packages relying on netmask to filter IPs and reach critical VPN or LAN hosts.

Related CPE's

anetmask_projectnetmask*****node.js**
vulnerable

References

https://github.com/rs/node-netmask

Third Party Advisory

https://github.com/sickcodes/security/blob/master/advisories/SICK-2021-011.md

ExploitThird Party Advisory

https://www.bleepingcomputer.com/news/security/critical-netmask-networking-bug-impacts-thousands-of-applications/

ExploitPress/Media CoverageThird Party Advisory

https://www.npmjs.com/package/netmask

ProductThird Party Advisory

https://github.com/advisories/GHSA-pch5-whg9-qr2r

Third Party Advisory

CvssV3 impact

BaseSeverity

CRITICAL

ConfidentialityImpact

HIGH

AttackComplexity

LOW

Scope

UNCHANGED

AttackVector

NETWORK

AvailabilityImpact

NONE

IntegrityImpact

HIGH

PrivilegesRequired

NONE

BaseScore

9.1

VectorString

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Version

3.1

UserInteraction

NONE

CvssV2 impact

AccessComplexity

LOW

ConfidentialityImpact

PARTIAL

AvailabilityImpact

NONE

IntegrityImpact

PARTIAL

BaseScore

6.4

VectorString

AV:N/AC:L/Au:N/C:P/I:P/A:N

Version

2.0

AccessVector

NETWORK

Authentication

NONE